What data do we process?
We process the data that you provide as part of using our services, it is primarily data that is necessary to provide you with accounts or profiles, e.g. it is an e-mail address as well as data that you leave as part of navigating our services, i.e. those you leave in cookies. We also process data that you enter in the services we provide to you as part of hosting, in which case our processing is limited only to providing a virtual space on which you place this data. The scope of data processed in different services may vary.
Who is the data administrator?
The administrator of your data is Wall 31 Sp. z o.o. with headquarters in Gdańsk. Contact to data administrator: email@example.com
The purposes and legal grounds for processing your personal data and the period for which they will be processed.
Personal data of all persons using the website (including the IP address or other identifiers and information collected via cookies or other similar technologies) and non-registered users, i.e. persons who do not have a profile on the website, are processed by the Administrator.
The legal grounds for processing your data for specific purposes are as follows:
1. to provide services electronically in the field of providing users with content collected on the website, including:
a. necessary to establish, shape the content, change, terminate and correctly perform the services provided electronically and the implementation of orders placed by the User;
b. processing orders placed by the User for products in the service's assortment
c. considerationof your complaints and return benefits in the event of withdrawal (return of goods).
Then the legal basis is - art. 6 para. 1 letter b / GDPR, the necessity to perform the contract to which the user is a party
- Processing period: until the expiry of a given contract between you and Wall 31 sp. Z o. data processing for statistical, billing or redress purposes.
2. statistical measurements, marketing, including profiling and analyzing data for marketing purposes, administrator's products and services.
- Legal basis - art. 6 clause 1 lit. F GDPR - legitimate interest of the administrator
- Processing period - until an effective objection is raised.
3. marketing, including analyzing and profiling data for marketing purposes regarding products and services of third parties
- Legal basis - art. 6 clause 1 lit. and voluntary consent
- Processing period - until consent is withdrawn.
If the user places on the Website any personal data of other people, including their name, address, telephone number or email address, they can do so only if they do not violate the provisions of applicable law and personal rights of these people.
The administrator provides the newsletter service on the principles set out in the regulations to persons who have provided their e-mail address for this purpose. Providing data is required to provide the newsletter service, and failure to do so results in the inability to send it.
Personal data is processed:
- to provide the service of sending the newsletter including sending marketing content - the legal basis for processing is the User's consent to receive it 9 Art. 6 clause 1 lit. and GDPR);
- for analytical and statistical purposes - the legal basis for processing is the Administrator's legitimate interest (Article 6 paragraph 1 letter f) consisting in conducting analyzes of Users' activity on the website in order to improve the functionalities used;
- in order to possibly determine and assert claims or defend against them - the legal basis for processing is the justified interest of the Administrator (Article 6 paragraph 1 letter f of the GDPR).
The user can unsubscribe from the newsletter at any time by clicking "Unsubscribe" directly from the newsletter he has received.
The Administrator processes personal data of users visiting the Administrator's profiles kept in social media (Facebook, You Tube, Instagram, Twitter). These data are processed only in connection with running the profile, including to inform users about the Administrator's activity and to promote various types of events, services and products. The legal basis for the processing of personal data by the Administrator is his legitimate interest (art.6 par.1 lit.f RODO) consisting in promoting his own brand.
Is there a requirement to provide data?
Providing personal data is voluntary, but failure to provide data marked as necessary to provide services to you will prevent their provision.
To what recipients will your personal data be transferred?
Your data may be transferred to entities processing personal data at the request of the administrator min. IT service providers, marketing agencies, etc. The above entities process data on the basis of an agreement with the administrator and only in accordance with the administrator's instructions. Your data may also be provided to entities that are entitled to obtain them on the basis of applicable law, e.g. law enforcement authorities in the event of a request being filed by the authority pursuant to applicable provisions, e.g. pending criminal or civil proceedings. Your data may in some cases be transferred to recipients of third countries, i.e. countries outside the European Economic Area, e.g. if it is necessary for the provision of services to you or if it is conditioned by another important legal basis.
What are the rights related to the processing of your personal data by us?
- the right to access your data, including obtaining a copy of the data
- the right to request correction of data
- the right to delete data (in certain situations)
- the right to lodge a complaint to the supervisory body dealing with the protection of personal data
- the right to limit data processing
If your data is processed on the basis of consent or as part of the services provided, you can additionally exercise the following rights:
- the right to transfer personal data, i.e. to receive your personal data from the administrator in a commonly used machine-readable format. You can send this data to another data administrator.
In order to exercise the above rights, please contact the administrator.
Cookies and other similar technologies
Wall 31 sp.z o.o. is the entity that places information in the form of cookies and other similar technologies on the user's device (computer, laptop, smartphone, etc.). and entities cooperating with us, e.g. partners providing IT and analytical services, application developers, and advertising agencies.
Cookies are IT data, in particular text files, which are stored on the Website User's end device. Cookies usually contain the domain name of the website from which they originate, their storage time on the end device and a unique number. Cookies are not used to identify the user, no user identity is determined on their basis.
The website may place cookies in the browser if the browser allows it. The browser allows the website to access only cookies placed by this website and not to files placed by other websites.
- services rendered
- adapting the content of websites and applications to the User's preferences and optimizing the use of websites
- creating statistics that help to understand how Users use websites and applications
- maintaining the User's session after logging in, thanks to which the User does not have to re-enter the login and password on every subpage of the given website and application
- presenting ads in a way that takes into account the interests of the User and with the guarantee of disabling the option of repeatedly presenting the same advertisement to the User
Due to the lifetime of cookies and other similar technologies, we use two basic types of these files
- session temporary files stored on the User's end device until logging out, leaving the website and application or turning off the software
- permanent - stored on the User's end device for the time specified in the cookie file parameters or until deleted by the User.
Due to the purpose, we use the following types:
- services and applications necessary for the operation of our services
- files used to ensure security, e.g. used to detect fraud in the field of authentication
- performance - enabling collection of information on how to use websites and applications
- functional - enabling remembering the settings selected by the User and personalizing the user interface, e.g. in the scope of the selected language or region of the user's origin, font sizes, etc.
- advertising - enabling delivery of advertising content more tailored to their interests
- statistical - used to count statistics on websites and applications.
Manage browser settings
In many cases, web browsing software by default allows information to be stored in the form of cookies and other similar technologies on the user's end device. However, the user can change these settings at any time. Failure to make changes means that the above Information may be posted and stored on his end device, and thus that we will store information on the user's end device and access this information. From the level of the web browser used by the user it is possible to independently manage cookies. In the most popular portals it is possible to:
The period of personal data processing
The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. As a rule, data is processed for the duration of the service or order, until:
1 / termination of the contract
2 / withdrawal of consent, when the legal basis for data processing is the consent of the user or
3 / filing an effective objection to data processing in cases where the legal basis for data processing is the justified interest of the Administrator.
The data processing period may be extended in each case if the processing is necessary to establish and assert any claims or defend against them, and after that time only if and to the extent required by law. After the end of the processing period, the data is irreversibly deleted or anonymized.
Security of personal data.
The administrator ensures the security of personal data through appropriate technical and organizational measures aimed at preventing unlawful data processing and their accidental loss, destruction and damage. In addition, the Administrator makes special care that personal information is:
- correct and processed in a lawful manner,
- obtained only for specified purposes and not further processed in a way incompatible with those purposes, adequate, relevant and not excessive in relation to the purposes of their processing
- accurate and current
- not kept longer than necessary
- securely stored and not transferred to States outside the European Economic Area without adequate protection.
In order to better secure the user's account, it is recommended:
- using a complex password securing access to the account, making it impossible to guess it by third parties. Such a password should contain a minimum of 8 characters, upper and lower case letters, numbers and special characters.
- keeping the login and password for the customer's account secret, including in particular not transferring data (login, password) to any third parties.
- logging out of the website after each completed session (completed purchases, adding messages on the forum). Turning off the browser window is not the same as logging out of the website. Logging out of the website will occur after clicking the "Logout" button.
- use of anti-virus programs.
- using the website only through trusted computers on which only proven software is installed. The use of other people's computers by the user raises the risk of intercepting the login, password or other data that the user provides when using the account.
The administrator conducts risk analysis on an ongoing basis to ensure that personal data are processed by him in a secure manner, i.e. that only authorized persons have access to the data to the extent that it is necessary due to the tasks they perform.
The administrator takes all necessary actions so that his subcontractors and other cooperating entities guarantee the application of appropriate security measures in each case.
Contact with the administrator is possible via the email address firstname.lastname@example.org in any case regarding the processing of personal data.